CVE-2012-2203

IBM Global Security Kit aka GSKit before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS 12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via...

Confusing Attackers with Artillery By Dave Kennedy (ReL1K)

Confusing Attackers with Artillery By Dave Kennedy ReL1K .png Dave Kennedy ReL1K, A security ninja & penetration tester develop Another amazing tool for Linux Protection, Named "Artillery". This Article is written by Dave for our January Issue of The Hacker News Magazine, We like to share with ou...

Artillery 0.1 alpha - New tool for Linux Protection by ReL1K

Artillery 0.1 alpha - New tool for Linux Protection byReL1K A new Tool "Artillery " - for Linux Protection has been Released by ReL1K Founder DerbyCon, Creator of the Social-Engineer Toolkit. It's written in Python and completely open-source. Artillery is a combination of a honeypot, file...

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

HashGenerator - Tool for Universal Hash Generator

HashGenerator is the universal hash generator tool which automates the generation of 14 different type of hashes or checksums. It support most of the popular hashes including MD5 family, SHA family, BASE64, CRC32, ROT13, RIPEMD, ALDER32, HAVAL, WHIRLPOOL etc. It can even generate hash for the fil...

CentOS 5 : aide (CESA-2007:0539)

An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Advanced Intrusion Detection Environment AIDE is a file integrity checker and intrusion detection...

Mandriva Update for glibc MDKA-2007:111 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDKA-2007:111 glibc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Debian Security Advisory DSA 1035-1 (fcheck)

The remote host is missing an update to fcheck announced via advisory DSA 1035-1. Steve Kemp from the Debian Security Audit project discovered that a cronjob contained in fcheck, a file integrity checker, creates a temporary file in an insecure fashion. The old stable distribution woody is not...

Debian: Security Advisory (DSA-1035-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandrake Linux Security Advisory : vixie-cron (MDKSA-2007:234)

Raphael Marichez discovered a denial of service bug in how vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could prevent vixie-cron from executing certain system cron jobs. The updated packages have been patched to correct this issue...

Design/Logic Flaw

Red Hat Enterprise Linux RHEL 5 ships the rpm for the Advanced Intrusion Detection Environment AIDE before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files...

CVE-2007-3849

CVE-2007-3849 affects Red Hat Enterprise Linux 5 where the AIDE package (before 0.13.1) ships with a database that lacks checksum information, allowing context-dependent attackers to bypass file integrity checks and modify certain files. The vulnerability centers on AIDE’s checksum database and a...

CVE-2007-3849

Red Hat Enterprise Linux RHEL 5 ships the rpm for the Advanced Intrusion Detection Environment AIDE before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files...

RHEL 5 : aide (RHSA-2007:0539)

An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Advanced Intrusion Detection Environment AIDE is a file integrity checker and intrusion detection...

aide security update

CentOS Errata and Security Advisory CESA-2007:0539 An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Advanced Intrusion Detection Environment AIDE is...

Moderate: Red Hat Security Advisory: aide security update

An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Advanced Intrusion Detection Environment AIDE is a file integrity checker and intrusion detection...

Apple Mac Os X DiskManagement.framework privilege escalation

File integrity for file with original permissions database is not checked during permissions restoration...

DSA-1035-1 fcheck - insecure temporary file

Bulletin has no description...

Making free to kill ASP page Trojan-vulnerability warning-the black bar safety net

（Garbage articles, originally wanted to cast to a magazine, then think, forget it, afraid of being scolded. Reprint please indicate the source: the vxer. cn, Thank you! ^^） 2 0 0 5 the year isfree to killtechnology by leaps and bounds in a year, more and more people are familiar with a simple PE...